<?php
require_once("lib/api.php");
require_once("res/const.php");
require_once("lib/auth/session.php");
$api = new api();

if (!loggedIn()) {
	$api->setYouFail("Not logged in");
} elseif (isset($_POST['postid']) && isset($_POST['rating'])) {
	require_once("lib/post/view.php");
	$postid = $_POST['postid'];
	if (!is_numeric($postid)) {
		$api->setYouFail("Postid needs to be a number.");
	} elseif (!($postid > 0)) {
		$api->setYouFail("Postid needs to be a number larger than 0.");
	} elseif (!getPost($postid)) {
		$api->setYouFail("Post does not exist.");
	} else {
		$rating = $_POST['rating'];
		if (!(is_int($rating) || ctype_digit($rating))) {
			$api->setYouFail("Rating needs to be an integer.");
		} elseif (!(($rating >= $MIN_RATING) && ($rating <= $MAX_RATING))) {
			$api->setYouFail("Rating needs to be ranging from $MIN_RATING to $MAX_RATING.");
		} else {
			require_once("lib/rate/update.php");
			$res = updateRating($postid, $rating);
			$api->setOK();
			$api->setReturn("updatedRating", $res);
		}
	}
} else {
	$api->setYouFail("Both postid and rating need to be set.");
}
$api->returnResponse();

?>
